--- a/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Tue Dec 23 15:10:15 2014 +0000
+++ b/jdk/src/java.base/share/classes/sun/security/tools/keytool/Main.java	Tue Dec 23 16:30:57 2014 +0000
@@ -124,6 +124,7 @@
 
     private Set<Pair <String, String>> providers = null;
     private String storetype = null;
+    private boolean hasStoretypeOption = false;
     private String srcProviderName = null;
     private String providerName = null;
     private String pathlist = null;
@@ -483,11 +484,13 @@
             } else if (collator.compare(flags, "-storetype") == 0 ||
                     collator.compare(flags, "-deststoretype") == 0) {
                 storetype = args[++i];
+                hasStoretypeOption = true;
             } else if (collator.compare(flags, "-srcstorepass") == 0) {
                 srcstorePass = getPass(modifier, args[++i]);
                 passwords.add(srcstorePass);
             } else if (collator.compare(flags, "-srcstoretype") == 0) {
                 srcstoretype = args[++i];
+                hasStoretypeOption = true;
             } else if (collator.compare(flags, "-srckeypass") == 0) {
                 srckeyPass = getPass(modifier, args[++i]);
                 passwords.add(srckeyPass);
@@ -809,36 +812,42 @@
         }
 
         // Create new keystore
-        if (providerName == null) {
-            keyStore = KeyStore.getInstance(storetype);
+        // Probe for keystore type when filename is available
+        if (ksfile != null && ksStream != null && providerName == null &&
+            hasStoretypeOption == false) {
+            keyStore = KeyStore.getInstance(ksfile, storePass);
         } else {
-            keyStore = KeyStore.getInstance(storetype, providerName);
-        }
-
-        /*
-         * Load the keystore data.
-         *
-         * At this point, it's OK if no keystore password has been provided.
-         * We want to make sure that we can load the keystore data, i.e.,
-         * the keystore data has the right format. If we cannot load the
-         * keystore, why bother asking the user for his or her password?
-         * Only if we were able to load the keystore, and no keystore
-         * password has been provided, will we prompt the user for the
-         * keystore password to verify the keystore integrity.
-         * This means that the keystore is loaded twice: first load operation
-         * checks the keystore format, second load operation verifies the
-         * keystore integrity.
-         *
-         * If the keystore password has already been provided (at the
-         * command line), however, the keystore is loaded only once, and the
-         * keystore format and integrity are checked "at the same time".
-         *
-         * Null stream keystores are loaded later.
-         */
-        if (!nullStream) {
-            keyStore.load(ksStream, storePass);
-            if (ksStream != null) {
-                ksStream.close();
+            if (providerName == null) {
+                keyStore = KeyStore.getInstance(storetype);
+            } else {
+                keyStore = KeyStore.getInstance(storetype, providerName);
+            }
+
+            /*
+             * Load the keystore data.
+             *
+             * At this point, it's OK if no keystore password has been provided.
+             * We want to make sure that we can load the keystore data, i.e.,
+             * the keystore data has the right format. If we cannot load the
+             * keystore, why bother asking the user for his or her password?
+             * Only if we were able to load the keystore, and no keystore
+             * password has been provided, will we prompt the user for the
+             * keystore password to verify the keystore integrity.
+             * This means that the keystore is loaded twice: first load operation
+             * checks the keystore format, second load operation verifies the
+             * keystore integrity.
+             *
+             * If the keystore password has already been provided (at the
+             * command line), however, the keystore is loaded only once, and the
+             * keystore format and integrity are checked "at the same time".
+             *
+             * Null stream keystores are loaded later.
+             */
+            if (!nullStream) {
+                keyStore.load(ksStream, storePass);
+                if (ksStream != null) {
+                    ksStream.close();
+                }
             }
         }
 
@@ -1881,6 +1890,7 @@
         boolean isPkcs11 = false;
 
         InputStream is = null;
+        File srcksfile = null;
 
         if (P11KEYSTORE.equalsIgnoreCase(srcstoretype) ||
                 KeyStoreUtil.isWindowsKeyStore(srcstoretype)) {
@@ -1893,7 +1903,7 @@
             isPkcs11 = true;
         } else {
             if (srcksfname != null) {
-                File srcksfile = new File(srcksfname);
+                srcksfile = new File(srcksfname);
                     if (srcksfile.exists() && srcksfile.length() == 0) {
                         throw new Exception(rb.getString
                                 ("Source.keystore.file.exists.but.is.empty.") +
@@ -1908,10 +1918,16 @@
 
         KeyStore store;
         try {
-            if (srcProviderName == null) {
-                store = KeyStore.getInstance(srcstoretype);
+            // Probe for keystore type when filename is available
+            if (srcksfile != null && is != null && srcProviderName == null &&
+                hasStoretypeOption == false) {
+                store = KeyStore.getInstance(srcksfile, srcstorePass);
             } else {
-                store = KeyStore.getInstance(srcstoretype, srcProviderName);
+                if (srcProviderName == null) {
+                    store = KeyStore.getInstance(srcstoretype);
+                } else {
+                    store = KeyStore.getInstance(srcstoretype, srcProviderName);
+                }
             }
 
             if (srcstorePass == null